package com.tender.realms;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import com.tender.service.SecurityService;
import com.tender.service.impl.SecurityServiceImpl;

public class MyCustomRealm extends AuthorizingRealm {

    /**
     * @param token 传递登录token
     * @return
     * @Description 认证接口
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        // 从AuthenticationToken中获得登录名称
        String loginName = (String) token.getPrincipal();
        SecurityService securityService = new SecurityServiceImpl();
        String password = securityService.findPasswordByLoginName(loginName);
        if ("".equals(password) || password == null) {
            throw new UnknownAccountException("账户不存在");
        }
        // 传递账号和密码(shiro 会拿着SimpleAuthenticationInfo 去进行认证)
        return new SimpleAuthenticationInfo(loginName, password, getName());
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        return null;
    }
}
